1. Field of the Invention
The present invention relates to a system for managing copyrights for using, storing, copying, editing, or transmitting digital data, particularly in multimedia applications.
2. Background Art
As database systems store increasingly large amounts of information, database systems are becoming popular in which many computers, used to store various types of data independently, are connected via communication lines to share the data.
In such a database system, the information handled up to this point has been conventionally coded information that can be processed by a computer, and that contains a relatively small amount of information and monochrome binary data, such as facsimile information at most. It is not possible to handle data containing a relatively large amount of information, such as data for natural pictures or animation. A technique is under development for digital processing of picture signals other than binary data, handled only as analog signals in the past.
By digitizing the picture signal, it is possible to handle a picture signal, e.g., a television signal, by a computer. "Multimedia systems" is an emerging technology of the future capable of simultaneously handling the data handled by computers and digitized picture data.
Because picture data contains an overwhelmingly large amount of information compared with character data and audio data, it is difficult to store, transfer, or process the picture data by computer. For this reason, techniques for compressing or expanding picture data have been developed. Further, several standards for compression/expansion of picture data have been established. For example, the following standards have been established as common standards: JPEG (Joint Photographic image coding Experts Group) standards for still pictures, H.261 standards for video conferences, MPEG1 (Moving Picture image coding Experts Group 1) standards for picture accumulation, and MPEG2 standards for current television broadcasting and high definition television broadcasting. By using these new techniques, it is now possible to transmit digital picture data in real time.
For analog data, which has been widely used in the past, the control of copyrights during processing has not been an important issue because the quality of the analog data deteriorates each time the data is stored, copied, edited, or transferred. However, the quality of digital data does not deteriorate when the data is repeatedly stored, copied, edited, or transferred. Therefore, the management and control of copyrights during processing of digital data is an important issue.
Up to now, there has been no adequate method for management and control of copyrights for digital data. It has been managed and controlled merely by copyright law or by contracts. In copyright law, only compensation for digital sound or picture recording devices has been prescribed.
It is possible not only to refer to the content of a database, but also to effectively utilize the data obtained from the database by storing, copying, or editing the data, and also transferring the edited data to the database with the edited data registered as new data. Further, it is possible to transfer edited data to other persons via a communication link or by a proper recording medium.
In a conventional database system, only character data is handled. However, in multimedia systems, sound data and picture data originally generated as analog data, are digitized and used as part of the database in addition to the other data in the database such as character data.
Under such circumstances, it is an important question to determine how to control copyrights of the data in the database. However, there are no means in the prior art for copyright management and control of such actions as copying, editing, transferring, etc. of data.
The inventors of the present invention proposed in Japanese Patent Application 1994-46419 and Japanese Patent Application 1994-141004 a system for managing the copyrights wherein the user is required to obtain a permit key from the key control center through a public telephone line, and in Japanese Patent Application 1994-132916 an apparatus for this purpose.
The inventors also proposed in Japanese Patent Application 1994-64889 a copyright management method applicable to both the primary use of a database system, such as displaying (including audio output) and storing of digital data, and the secondary use, such as copying, editing, and transmission, including the real-time transmission of digital picture. This database copyright management method provides in the database system a program and copyright information required to control the copyright, in addition to a permit key which is transmitted to the user. The copyright management program monitors and manages use to prevent users from operating beyond the conditions of the users' request or permission.
The inventors also proposed in Japanese Patent Application 1994-237673 a database copyright management system for specifically implementing the database copyright management method proposed in Japanese Patent Application 1994-64889 described above.
The system proposed in Japanese Patent Application 1994-237673 comprises a key management center that manages a crypt key K and a copyright management center that manages the database copyright. According to this system, all the data delivered from a database is encrypted by a first crypt key K1, and a primary user who wishes to use data directly from the database requests from the key management center the key K corresponding to the specific usage by presenting information I1 on the user to the center. In response to the primary usage request from the primary user, the key management center transfers the information I1 on the user to the copyright management center. On receiving the information I1, the copyright management center transfers this information I1 with a copyright management program Pc to the key control center. On receiving the copyright management program Pc, the key control center transfers the first crypt key K1 and a second crypt key K2 corresponding to the specific usage together with the copyright management program Pc to the primary user via a communication network. On receiving the first crypt key K1, the primary user uses this key to decrypt the data. The user subsequently uses the second crypt key K2 to encrypt and decrypt data when storing, copying or transmitting the data.
In cryptographic systems, the use of the crypt key K to encrypt a plaintext M to obtain a cryptogram C is expressed as:
C=E(K,M)
and the use of the crypt key K to decrypt the cryptogram C to obtain the plaintext M is expressed as:
M=D(K,C).
These conventions are followed hereafter in the specification.
If data is copied to an external recording medium or transmitted without being stored, the first and second crypt keys K1 and K2 are disused. If the primary user wishes to use the data again, the first and second crypt keys K1 and K2 are re-delivered to the user from the copyright management center. The re-delivery of the second crypt key K2 indicates that the data has been copied or transferred to a secondary user, and this is recorded in the copyright management center.
In requesting secondary usage from the copyright management center, the secondary user presents the information I1 on the primary user and information I0 on the original copyright to the copyright management center. The copyright management center transmits to the secondary user a permit key Kp corresponding to the specific usage with a second crypt key K2 (viewing permit key), a third crypt key K3 (a permit key corresponding to the specific usage), and the copyright management program Pc, which have been encrypted.
Typical encryption techniques include the secret-key cryptosystem and the public-key cryptosystem. The secret-key cryptosystem uses the same secret crypt key Ks for both encryption and decryption:
Cmks=E(Ks,M)
M=D(Ks,Cmks).
In the public-key cryptosystem, a key for encryption is open as a public-key, while a key for decryption is not open and is called a private-key. To use this cryptosystem, an information provider encrypts using the public-key Kb for a receiver:
Cmkb=E(Kb,M),
and the receiver decrypts the encrypted data using the private-key Kv that is not open:
M=D(Kv,Cmkb).
In the U.S. patent application Ser. No. 08/536,747, filed on Sep. 29, 1995, the inventors have proposed an invention that employs a first public-key Kb1, a first private-key Kv1 corresponding to the first public-key Kb1, a second public-key Kb2, and a second private-key Kv2 corresponding to the second public-key Kb2 that are prepared by the user, and a first secret-key Ks1 and a second secret-key Ks2 prepared by the database. The database uses the first secret-key Ks1 to encrypt data M:
Cmks1=E(Ks1,M)
and further encrypts the first secret-key Ks1 by the first public-key Kb1:
Cks1kb1=E(Kb1,Ks1)
and encrypts the second secret-key Ks2 by the second public-key Kb2:
Cks2kb2=E(Kb2,Ks2)
The database then transmits the encrypted data Cmks1 and the encrypted first and second secret-keys Cks1kb1 and Cks2kb2 to the user. The user decrypts the encrypted first secret-key Cks1kb1 using the first private-key Kv1:
Ks1=D(Kv1,Cks1kb1),
and decrypts the encrypted data Cmks1 using the decrypted first secret-key Ks1:
M=D(Ks1,Cmks1)
and decrypts the encrypted second secret-key Cks2kb2 using the second private-key Kv2:
Ks2=D(Kv2,Cks2kb2)
The decrypted second secret-key Ks2 is used for storing, copying, and transferring data after data decryption.
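The exchange described above can be traced end to end in code. The following is an added illustration and is not part of the application or of any implementation by the inventors; it assumes toy primitives (textbook RSA over fixed Mersenne primes for the public-key E and D, a SHA-256 keystream XOR for the secret-key E and D), and all function names are hypothetical.

```python
# Added illustration of the Ks1/Ks2 key-wrapping flow. Toy primitives only:
# textbook RSA over fixed Mersenne primes and a SHA-256 keystream XOR stand in
# for E and D. Not secure; names and parameters are constructed for this example.
import hashlib
import secrets

def keypair(p, q, e=65537):
    """Return (public, private) toy RSA keys as (exponent, modulus) pairs."""
    n = p * q
    return (e, n), (pow(e, -1, (p - 1) * (q - 1)), n)

def E_pub(kb, ks):
    """Wrap a secret-key under a public-key: Ckskb = E(Kb, Ks)."""
    e, n = kb
    return pow(int.from_bytes(ks, "big"), e, n)

def D_priv(kv, c, size=16):
    """Unwrap with the matching private-key: Ks = D(Kv, Ckskb)."""
    d, n = kv
    return pow(c, d, n).to_bytes(size, "big")

def E_sym(ks, data):
    """Secret-key E: XOR with a keystream, so D is the same operation."""
    stream = b"".join(hashlib.sha256(ks + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

D_sym = E_sym

def database_send(m, kb1, kb2):
    """Database side: returns (Cmks1, Cks1kb1, Cks2kb2)."""
    ks1, ks2 = secrets.token_bytes(16), secrets.token_bytes(16)
    return E_sym(ks1, m), E_pub(kb1, ks1), E_pub(kb2, ks2)

def user_receive(msg, kv1, kv2):
    """User side: recover M with Ks1, then re-encrypt with Ks2 for storage."""
    cmks1, cks1kb1, cks2kb2 = msg
    ks1 = D_priv(kv1, cks1kb1)      # Ks1 = D(Kv1, Cks1kb1)
    m = D_sym(ks1, cmks1)           # M   = D(Ks1, Cmks1)
    ks2 = D_priv(kv2, cks2kb2)      # Ks2 = D(Kv2, Cks2kb2)
    return m, ks2, E_sym(ks2, m)    # stored copy is encrypted under Ks2

# The user prepares both key pairs; the database only ever sees Kb1 and Kb2.
KB1, KV1 = keypair(2**89 - 1, 2**107 - 1)
KB2, KV2 = keypair(2**61 - 1, 2**127 - 1)
```

The secret-keys Ks1 and Ks2 never travel in the clear: only the holder of Kv1 and Kv2 can unwrap them, and the copy kept after decryption is protected by Ks2 rather than Ks1.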
The database copyright management system proposed in Japanese Patent Application 1994-27673 assumes that a single data or database is used in the system, and not that a plurality of data or databases are edited to create new data. The inventors thus propose in this application a data copyright management system assuming that a plurality of data or databases are edited to produce new data.
If a plurality of encrypted data obtained from one or more databases are edited to produce and encrypt new data, and if the encrypted data is then supplied to a different user, this system employs, as a use permit key, both a crypt key for each of the plurality of data that are the source material and the data of an edit program used for the editing process, with a digital signature.
Upon receiving edited and encrypted data, a different user requests the use of the data by presenting the data with the digital signature to the copyright management center. The copyright management center then identifies from the digital signature the person who has edited the data, and supplies a key for using the data to the user when requested only if it has confirmed that the person who has edited the data is a valid user of this data.
In another system, a primary user who desires to use original data encrypted and supplied using the first crypt key makes a request to the key control center to send a primary use permit key. The key control center distributes the primary use permit key to the primary user and charges therefor.
The primary user decrypts the encrypted data using the first crypt key included in the first use permit key to use the data. When the decrypted data is stored in the primary user device, it is encrypted again using the first use permit key. The primary user who needs to edit data requests that the key control center distribute a secondary use permit key for data editing. The key control center distributes the secondary use permit key to the primary user.
The primary user who receives the secondary use permit key produces copies of the primary copyrighted data, edits the copied data, and encrypts the decrypted secondary data during editing using the second crypt key included in the secondary use permit key. The finally edited data is encrypted using the third crypt key and stored in the primary user device. The primary user registers the third crypt key with the key control center in order to exercise the secondary copyright, as a secondary exploitation right with respect to the data editing, for the secondary copyrighted data, encrypts the secondary data using the third crypt key, and supplies the secondary user with such data by copying it to an external medium or by transferring it via a network system.
The secondary user who needs the encrypted secondary data requests that the key control center distribute the third crypt key. The key control center distributes the third crypt key to the secondary user. The secondary user who receives the second crypt key decrypts the encrypted secondary data using the second crypt key to use it.